A new batch of insider incidents: the cases of a remote employee and a CISO
28.10.2024

In this incident roundup, we explore two cases of customer data leakage in which insiders are accused of violating security rules.

An employee of Miami-based Transak and the CISO of India's Star Health are accused of being the possible cause of massive customer data leaks. The first incident seems to be the result of negligence, while the second is still under investigation. Let's examine each one in detail.

Transak, a cryptocurrency payment processor, or so-called "onramp", which crypto platforms like Metamask and Binance use to let their customers buy cryptocurrencies, experienced a loss of data on 93,000 unique users. The incident was accidentally caused by an employee working remotely who used a laptop for non-work purposes.

The employee is believed to have fallen victim to a phishing scam, as a result of which the hackers got hold of the data and are now demanding a ransom. The ransomware group claims it has released only a subset of the stolen data and has threatened to "leak the remaining data or sell it to the highest bidder" if Transak fails to pay a ransom of $30,000.

According to Transak representatives, the leaked data was limited to "names" and "basic identity information", including: 

  • Passports 
  • ID cards
  • Selfies used by customers to verify their identities with crypto financial products.

This was reported to CoinDesk by Sami Start, Transak CEO. 

Meanwhile, the CISO of Star Health, India's biggest health insurer, is under a probe for an alleged role in leaking the personal data of 31 million customers. The investigation comes after the hacker, an individual dubbed xenZen, publicly asserted on his website that the executive had "sold all this data to me".

Amarjeet Khanuja, the firm's chief information security officer, who is the subject of the probe, has been cooperating with the investigation and has not responded to a request for comment, according to Reuters.


Today we explored two different incidents with the same "roots". Both Transak and Star Health have gaps in their internal security and need solutions that prevent data from being lost from within. In the case of Star Health, a DLP system would prevent unauthorized access to data and its transmission to third parties, and would help to conduct an investigation. The case of the Transak employee reflects the importance of cybersecurity training, which improves employees' cyber literacy and helps them recognize signs of fraud: in particular, to distinguish phishing links from reliable ones and to understand why corporate devices must not be used for personal matters.

